Symantec Critical System manual Checklist for migrating from Symantec Intruder Alert

Policy migration involves using a policy conversion utility that converts legacy

.pol and .ini files to XML files and places them in a .zip file, and then using the authoring environment to compile the converted legacy policies to the latest version. The utility runs on Windows only, but will convert UNIX policy files.

You should not migrate policies until you are comfortable working with the Symantec Critical System Protection management console and authoring environment.

Symantec Critical System Protection implements rules differently than Symantec Intruder Alert and Symantec Host IDS, so you must validate your rules before compiling your policies.

Checklist for migrating from Symantec Intruder Alert

Symantec Critical System Protection contains an IDS component similar in functionality to Symantec Intruder Alert. Migrating from Symantec Intruder Alert to Symantec Critical System Protection is a fairly straightforward process.

Before starting the migration process, you should note the following:

■The Symantec Critical System Protection management server only runs on Windows, while the Symantec Intruder Alert server is multi-platform. You may want to run Symantec Intruder Alert and Symantec Critical System Protection in parallel, migrating over agents from Symantec Intruder Alert to Symantec Critical System Protection in bunches, until potentially all Symantec Intruder Alert agents are migrated to Symantec Critical System Protection, and the Symantec Intruder Alert server can be retired.

Symantec Intruder Alert supports agent platforms that are not supported by Symantec Critical System Protection, so you might require a small continuing Symantec Intruder Alert presence to service those platforms. If you install the Symantec Critical System Protection management server on a separate computer from the Symantec Intruder Alert server, you might want to reuse the same communication ports that the Symantec Intruder Alert server uses to communicate with its agents, to simplify your firewall changes. The Symantec Critical System Protection installation process lets you specify which ports you want to use.

■The policy conversion utility migrates your custom Symantec Intruder Alert policies to Symantec Critical System Protection.

Use the policy conversion utility to convert your custom Symantec Intruder Alert policies into XML that can be imported into the Symantec Critical